OpenVPN Client DNS Configuration: DNS Leak

I've configured an OpenVPN client on my OpenWrt router using the luci-app-openvpn plus some additional modifications to /etc/config/firewall to implement a "kill switch" (routes all traffic through VPN).

Somehow, my DNS traffic is still being routed to my ISP's servers. Before modifying /etc/config/firewall to implement the kill switch, I was not experiencing these DNS leaks.

Can someone help explain how this is occurring, if you know. I can send any config files needed. My VPN provider is ProtonVPN.

Thanks for the help.

EDIT: I've tested the DNS leak with 2 different laptops, and I find that my DNS leaks while using only one of them. The laptop that leaks is a Qubes OS machine with a browser open in a Fedora VM.

Is there a chance that this laptop has DNS set manually? Since you experience that behavior on one machine, my mind goes for a manual config somewhere somehow.

There must be a configuration file that needs to be changed on the laptop. I haven't figured where that is yet.

I did find a solution on the router though, thanks to this thread: DNS leak with OpenVPN

You need to edit the text on this file: /etc/config/dhcp
You will see a text line: option resolvfile ‘/tmp/resolv.conf.auto’
Delete this line and then write:
option noresolv '1’
list server '8.8.8.8’

'8.8.8.8' => ProtonVPN DNS IP